How To Setup Kubernetes Cluster Using Kubeadm

By

 

What is Kubeadm?

Kubeadm is a tool to set up a minimum viable Kubernetes cluster without much complex configuration. Also, Kubeadm makes the whole process easy by running a series of prechecks to ensure that the server has all the essential components and configs to run Kubernetes.

It is developed and maintained by the official Kubernetes community. There are other options like minikube, kind, etc., that are pretty easy to set up.

  • Install docker fallow the link check for different flavours 
       
Platformx86_64 / amd64arm64 / aarch64arm (32-bit)s390x
CentOSyesyes  
Debianyesyesyes 
Fedorayesyes  
Raspbian  yes 
RHEL   yes
SLES   yes
Ubuntuyesyesyesyes
Binariesyesyesyes 

  • Install kubelet kubeadm kubectl 
Debian Family 

  1. Update the apt package index and install packages needed to use the Kubernetes apt repository:

    sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

  2. Download the Google Cloud public signing key:

    sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

  3. Add the Kubernetes apt repository:

    echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

  4. Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

    sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

Redhat Family (Redhat,Centos,AWS linux ...)

cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF

# Set SELinux in permissive mode (effectively disabling it)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

sudo systemctl enable --now kubelet








On Master Node:

  1. Initialize Kubernetes Cluster

    kubeadm init

  2. Create a user for kubernetes administration and copy kube config file.

      mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

  3. Deploy Calico network as a kubeadmin user.

    This should be executed as a user (heare as a kubeadmin )

    curl https://docs.projectcalico.org/manifests/calico-typha.yaml -o calico.yaml
kubectl apply -f calico.yaml

  4. Cluster join command

    kubeadm token create --print-join-command

On Worker Node:

  1. Add worker nodes to cluster

    Use the output from kubeadm token create command in previous step from the master server and run here.

    look like this 

    kubeadm join 172.31.24.89:6443 ....

  2. Verifying the cluster To Get Nodes status

    kubectl get nodes

    To Get component status

    kubectl get cs
Check The kubernets cluster using sample webapp

[root@ip-172-31-24-89 ec2-user]# kubectl create deployment nginx --image=gudditi/myresume
deployment.apps/nginx created
[root@ip-172-31-24-89 ec2-user]# kubectl expose deployment nginx --type=NodePort --port=80 --target-port=80 --name=nginxsvc
service/nginxsvc exposed
[root@ip-172-31-24-89 ec2-user]# kubectl get svc
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP        8m19s
nginxsvc     NodePort    10.96.88.173   <none>        80:32599/TCP   5s


browse application using

http://<master/workernode ipaddress>:<port>


Comments

Post a Comment

Popular posts from this blog

Remote Friendly Companies

By
Image
 List of companies provide remote opportunities NAME WEBSITE REGION &yet andyet.com Worldwide 10up 10up.com Worldwide 15Five 15five.com Europe, Americas 17hats 17hats.com Worldwide 18F 18f.gsa.gov USA 1Password 1password.com North America, UK 42 Technologies 42technologies.com Worldwide abiturma abiturma.de Germany Ably ably.io Europe Abstract API abstractapi.com Worldwide acct acct.global Worldwide Acivilate acivilate.com USA Acquia acquia.com Worldwide ActiveCampaign activecampaign.com Dublin, Ireland; USA Ad Hoc adhocteam.us USA Adaface adaface.com Asia AddStructure bazaarvoice.com USA Adzuna adzuna.co.uk Worldwide AE Studio ae.studio USA, BR Aerolab aerolab.co Latin America AgFlow agflow.com Europe Aha! aha.io Worldwide Aim India aimincorp.com India Airbyte airbyte.com Europe, North America, Latin America AirGarage airgarage.com USA AirTreks airtreks.com USA Aivitex aivitex.de Germany Algorand algorand.com USA Algorithmia algorithmia.com the USA or Canada ALICE aliceplatfor...
Read more

Docker Image Vulnerabilities and Scanner Guide: A Quick Overview

By
Image
V ulnerabilities in Docker images can expose your system to potential cyber threats. Tools like Docker Scout, Trivy,.. offer a fast and comprehensive way to scan for these vulnerabilities, ensuring a secure containerized environment. What is a Vulnerability? A vulnerability is a weakness or flaw in software that can be exploited by attackers to compromise a system’s security. In the context of Docker, vulnerabilities can exist within container images, making them potential entry points for cyber threats. Docker Image Vulnerabilities Docker images serve as the building blocks for containers. These images can contain   outdated   or   flawed components   that may pose security risks. Identifying and mitigating these vulnerabilities is crucial for a   secure containerized environment. Image Vulnerability Database:   https://dso.docker.com/explore Here are the top 5 tools to scan Docker images: Docker scout Trivy Clair Anchore Engine Dagda Synk Scan Docker Imag...
Read more

Introduction to Istio, Kiali, Jaeger, Grafana, and Prometheus

By
Image
Are you curious about the magic behind those seamless web applications and services you use daily? Well, let's take a peek into the fascinating world of microservices and the tools that make them work like a charm: Istio, Kiali, Jaeger, Grafana, and Prometheus. These tools might sound a bit technical, but fear not! We're here to break it down in the simplest way possible. 1. Istio: The Traffic Director Istio is an open source service mesh that layers transparently onto existing distributed applications. Istio’s powerful features provide a uniform and more efficient way to secure, connect, and monitor services. Istio is the path to load balancing, service-to-service authentication, and monitoring – with few or no service code changes.  The control plane takes your desired configuration, and its view of the services, and dynamically programs the proxy servers, updating them as the rules or the environment changes. Before utilizing Istio After utilizing Istio Imagine you're m...
Read more